/** * @return string */ protected static function AdminPolicyLevel() { $arGroupPolicy = array("parent" => array("SESSION_TIMEOUT" => "", "SESSION_IP_MASK" => "", "MAX_STORE_NUM" => "", "STORE_IP_MASK" => "", "STORE_TIMEOUT" => "", "CHECKWORD_TIMEOUT" => "", "PASSWORD_LENGTH" => "", "PASSWORD_UPPERCASE" => "N", "PASSWORD_LOWERCASE" => "N", "PASSWORD_DIGITS" => "N", "PASSWORD_PUNCTUATION" => "N", "LOGIN_ATTEMPTS" => ""), "low" => array("SESSION_TIMEOUT" => 30, "SESSION_IP_MASK" => "0.0.0.0", "MAX_STORE_NUM" => 20, "STORE_IP_MASK" => "255.0.0.0", "STORE_TIMEOUT" => 60 * 24 * 93, "CHECKWORD_TIMEOUT" => 60 * 24 * 185, "PASSWORD_LENGTH" => 6, "PASSWORD_UPPERCASE" => "N", "PASSWORD_LOWERCASE" => "N", "PASSWORD_DIGITS" => "N", "PASSWORD_PUNCTUATION" => "N", "LOGIN_ATTEMPTS" => 0), "middle" => array("SESSION_TIMEOUT" => 20, "SESSION_IP_MASK" => "255.255.0.0", "MAX_STORE_NUM" => 10, "STORE_IP_MASK" => "255.255.0.0", "STORE_TIMEOUT" => 60 * 24 * 30, "CHECKWORD_TIMEOUT" => 60 * 24 * 1, "PASSWORD_LENGTH" => 8, "PASSWORD_UPPERCASE" => "Y", "PASSWORD_LOWERCASE" => "Y", "PASSWORD_DIGITS" => "Y", "PASSWORD_PUNCTUATION" => "N", "LOGIN_ATTEMPTS" => 0), "high" => array("SESSION_TIMEOUT" => 15, "SESSION_IP_MASK" => "255.255.255.255", "MAX_STORE_NUM" => 1, "STORE_IP_MASK" => "255.255.255.255", "STORE_TIMEOUT" => 60 * 24 * 3, "CHECKWORD_TIMEOUT" => 60, "PASSWORD_LENGTH" => 10, "PASSWORD_UPPERCASE" => "Y", "PASSWORD_LOWERCASE" => "Y", "PASSWORD_DIGITS" => "Y", "PASSWORD_PUNCTUATION" => "Y", "LOGIN_ATTEMPTS" => 3)); $arAdminPolicy = CUser::GetGroupPolicy(1); $level = 'high'; if (is_array($arGroupPolicy)) { foreach ($arGroupPolicy['parent'] as $key => $value) { $el2_value = $arAdminPolicy[$key]; $el2_checked = $arAdminPolicy[$key] === "Y"; switch ($key) { case "SESSION_TIMEOUT": case "MAX_STORE_NUM": case "STORE_TIMEOUT": case "CHECKWORD_TIMEOUT": if (intval($el2_value) <= intval($arGroupPolicy['high'][$key])) { $clevel = 'high'; } elseif (intval($el2_value) <= intval($arGroupPolicy['middle'][$key])) { $clevel = 'middle'; } else { $clevel = 'low'; } break; case "PASSWORD_LENGTH": if (intval($el2_value) >= intval($arGroupPolicy['high'][$key])) { $clevel = 'high'; } elseif (intval($el2_value) >= intval($arGroupPolicy['middle'][$key])) { $clevel = 'middle'; } else { $clevel = 'low'; } break; case "LOGIN_ATTEMPTS": if (intval($el2_value) > 0) { if (intval($el2_value) <= intval($arGroupPolicy['high'][$key])) { $clevel = 'high'; } elseif (intval($el2_value) <= intval($arGroupPolicy['middle'][$key])) { $clevel = 'middle'; } else { $clevel = 'low'; } } else { if (intval($arGroupPolicy['high'][$key]) <= 0) { $clevel = 'high'; } elseif (intval($arGroupPolicy['middle'][$key]) <= 0) { $clevel = 'middle'; } else { $clevel = 'low'; } } break; case "PASSWORD_UPPERCASE": case "PASSWORD_LOWERCASE": case "PASSWORD_DIGITS": case "PASSWORD_PUNCTUATION": if ($el2_checked) { if ($arGroupPolicy['high'][$key] == 'Y') { $clevel = 'high'; } elseif ($arGroupPolicy['middle'][$key] == 'Y') { $clevel = 'middle'; } else { $clevel = 'low'; } } else { if ($arGroupPolicy['high'][$key] == 'N') { $clevel = 'high'; } elseif ($arGroupPolicy['middle'][$key] == 'N') { $clevel = 'middle'; } else { $clevel = 'low'; } } break; case "SESSION_IP_MASK": case "STORE_IP_MASK": $gp_ip = ip2long($el2_value); $high_ip = ip2long($arGroupPolicy['high'][$key]); $middle_ip = ip2long($arGroupPolicy['middle'][$key]); if (($gp_ip & $high_ip) == (0xffffffff & $high_ip)) { $clevel = 'high'; } elseif (($gp_ip & $middle_ip) == (0xffffffff & $middle_ip)) { $clevel = 'middle'; } else { $clevel = 'low'; } break; default: $clevel = 'low'; break; } if ($clevel == 'low') { $level = $clevel; } elseif ($clevel == 'middle' && $level == 'high') { $level = $clevel; } } } return $level; }
if ($idx > 10) { $saleLogin = $saleLogin . time(); break; } else { $saleLogin = $saleLoginTmp . $idx; } $dbSaleLoginUser = CUser::GetByLogin($saleLogin); } } if (empty($errorMessage)) { $defaultGroup = COption::GetOptionString("main", "new_user_registration_def_group", ""); if ($defaultGroup != "") { $arDefaultGroup = explode(",", $defaultGroup); $arPolicy = CUser::GetGroupPolicy($arDefaultGroup); } else { $arPolicy = CUser::GetGroupPolicy(array()); } $passwordMinLength = intval($arPolicy["PASSWORD_LENGTH"]); if ($passwordMinLength <= 10) { $passwordMinLength = 10; } $passwordChars = array("abcdefghijklnmopqrstuvwxyz", "ABCDEFGHIJKLNMOPQRSTUVWXYZ", "0123456789"); if ($arPolicy["PASSWORD_PUNCTUATION"] === "Y") { $passwordChars[] = ",.<>/?;:'\"[]{}\\|`~!@#\$%^&*()-_+="; } $salePassword = randString($passwordMinLength + 2, $passwordChars); $saleEMail = $saleLogin . '@' . $_SERVER["SERVER_NAME"]; if (!check_email($saleEMail)) { $saleEMail = $saleLogin . '@temporary.temp'; } $arUserFields = array("LOGIN" => $saleLogin, "NAME" => "CRM", "LAST_NAME" => "IMPORT", "PASSWORD" => $salePassword, "PASSWORD_CONFIRM" => $salePassword, "EMAIL" => $saleEMail, "GROUP_ID" => $arDefaultGroup, "ACTIVE" => "Y", "LID" => SITE_ID);
$APPLICATION->AuthForm(array()); // apply core fields to user defined $arDefaultFields = array( "LOGIN", "PASSWORD", "CONFIRM_PASSWORD", "EMAIL", ); $arResult["USE_EMAIL_CONFIRMATION"] = COption::GetOptionString("main", "new_user_registration_email_confirmation", "N") == "Y" ? "Y" : "N"; $def_group = COption::GetOptionString("main", "new_user_registration_def_group", ""); if($def_group <> "") $arResult["GROUP_POLICY"] = CUser::GetGroupPolicy(explode(",", $def_group)); else $arResult["GROUP_POLICY"] = CUser::GetGroupPolicy(array()); $arResult["SHOW_FIELDS"] = array_merge($arDefaultFields, $arParams["SHOW_FIELDS"]); $arResult["REQUIRED_FIELDS"] = array_merge($arDefaultFields, $arParams["REQUIRED_FIELDS"]); // use captcha? $arResult["USE_CAPTCHA"] = COption::GetOptionString("main", "captcha_registration", "N") == "Y" ? "Y" : "N"; // start values $arResult["VALUES"] = array(); $arResult["ERRORS"] = array(); $register_done = false; // register user if ($_SERVER["REQUEST_METHOD"] == "POST" && !empty($_REQUEST["register_submit_button"]) && !$USER->IsAuthorized()) {
$arResult["USER"]["LAST_NAME"] = trim($_POST["LAST_NAME"]); $arResult["USER"]["WORK_COMPANY"] = trim($_POST["WORK_COMPANY"]); $arResult["USER"]["WORK_PHONE"] = trim($_POST["WORK_PHONE"]); $arResult["PASSWORD"] = $_POST["PASSWORD"]; $arResult["CONFIRM_PASSWORD"] = $_POST["CONFIRM_PASSWORD"]; if ($arResult["USER"]["NAME"] == '') { $arResult["MESSAGE_TEXT"] .= GetMessage("CC_MAIN_REG_INIT_MESSAGE_NAME_EMPTY") . "<br>"; $arResult["MESSAGE_CODE"][] = "E21"; $arResult["SHOW_FORM"] = true; } if ($arResult["USER"]["LAST_NAME"] == '') { $arResult["MESSAGE_TEXT"] .= GetMessage("CC_MAIN_REG_INIT_MESSAGE_LAST_NAME_EMPTY") . "<br>"; $arResult["MESSAGE_CODE"][] = "E22"; $arResult["SHOW_FORM"] = true; } $arResult["GROUP_POLICY"] = CUser::GetGroupPolicy($arResult["USER"]["ID"]); if ($_POST["PASSWORD"] == '') { $arResult["MESSAGE_TEXT"] .= GetMessage("CC_MAIN_REG_INIT_MESSAGE_PASSWORD_EMPTY") . "<br>"; $arResult["MESSAGE_CODE"][] = "E07"; $arResult["SHOW_FORM"] = true; } elseif ($_POST["PASSWORD"] !== $_POST["CONFIRM_PASSWORD"]) { $arResult["MESSAGE_TEXT"] .= GetMessage("CC_MAIN_REG_INIT_MESSAGE_PASSWORD_NOT_CONFIRMED") . "<br>"; $arResult["MESSAGE_CODE"][] = "E08"; $arResult["SHOW_FORM"] = true; } if (empty($arResult["MESSAGE_CODE"])) { $arFields = array("PASSWORD" => $_POST["PASSWORD"], "NAME" => $arResult["USER"]["NAME"], "LAST_NAME" => $arResult["USER"]["LAST_NAME"]); if (trim($_POST["WORK_COMPANY"]) != '') { $arFields["WORK_COMPANY"] = trim($_POST["WORK_COMPANY"]); } if (trim($_POST["WORK_PHONE"]) != '') {
function NeedCAPTHAForLogin($login) { //When last login was failed then ask for CAPTCHA if (isset($_SESSION["BX_LOGIN_NEED_CAPTCHA"]) && $_SESSION["BX_LOGIN_NEED_CAPTCHA"]) { return true; } //This is local cache. May save one query. $USER_ATTEMPTS = false; //Check if SESSION cache for POLICY_ATTEMPTS is actual for given login if (!array_key_exists("BX_LOGIN_NEED_CAPTCHA_LOGIN", $_SESSION) || $_SESSION["BX_LOGIN_NEED_CAPTCHA_LOGIN"]["LOGIN"] !== $login) { $POLICY_ATTEMPTS = 0; if ($login != '') { $rsUser = CUser::GetList($o = 'LOGIN', $b = 'DESC', array("LOGIN_EQUAL_EXACT" => $login), array('FIELDS' => array('ID', 'LOGIN', 'LOGIN_ATTEMPTS'))); $arUser = $rsUser->Fetch(); if ($arUser) { $arPolicy = CUser::GetGroupPolicy($arUser["ID"]); $POLICY_ATTEMPTS = intval($arPolicy["LOGIN_ATTEMPTS"]); $USER_ATTEMPTS = intval($arUser["LOGIN_ATTEMPTS"]); } } $_SESSION["BX_LOGIN_NEED_CAPTCHA_LOGIN"] = array("LOGIN" => $login, "POLICY_ATTEMPTS" => $POLICY_ATTEMPTS); } //For users who had sucsessful login and if policy is set //check for CAPTCHA display if ($login != '' && $_SESSION["BX_LOGIN_NEED_CAPTCHA_LOGIN"]["POLICY_ATTEMPTS"] > 0) { //We need to know how many attempts user made if ($USER_ATTEMPTS === false) { $rsUser = CUser::GetList($o = 'LOGIN', $b = 'DESC', array("LOGIN_EQUAL_EXACT" => $login), array('FIELDS' => array('ID', 'LOGIN', 'LOGIN_ATTEMPTS'))); $arUser = $rsUser->Fetch(); if ($arUser) { $USER_ATTEMPTS = intval($arUser["LOGIN_ATTEMPTS"]); } else { $USER_ATTEMPTS = 0; } } //When user login attempts exceeding the policy we'll show the CAPTCHA if ($USER_ATTEMPTS >= $_SESSION["BX_LOGIN_NEED_CAPTCHA_LOGIN"]["POLICY_ATTEMPTS"]) { return true; } } return false; }
function CheckStoredHash($iUserId, $sHash, $bTempHashOnly = false) { global $DB; $arPolicy = CUser::GetGroupPolicy($iUserId); $cnt = 0; $auth_id = false; $site_format = CSite::GetDateFormat(); CTimeZone::Disable(); $strSql = "SELECT A.*, " . "\t" . $DB->DateToCharFunction("A.DATE_REG", "FULL") . " as DATE_REG, " . "\t" . $DB->DateToCharFunction("A.LAST_AUTH", "FULL") . " as LAST_AUTH " . "FROM b_user_stored_auth A " . "WHERE A.USER_ID = " . IntVal($iUserId) . " " . "ORDER BY A.LAST_AUTH DESC"; $res = $DB->Query($strSql); CTimeZone::Enable(); while ($ar = $res->Fetch()) { if ($ar["TEMP_HASH"] == "N") { $cnt++; } if ($arPolicy["MAX_STORE_NUM"] < $cnt || $ar["TEMP_HASH"] == "N" && mktime() - $arPolicy["STORE_TIMEOUT"] * 60 > MakeTimeStamp($ar["LAST_AUTH"], $site_format) || $ar["TEMP_HASH"] == "Y" && mktime() - $arPolicy["SESSION_TIMEOUT"] * 60 > MakeTimeStamp($ar["LAST_AUTH"], $site_format)) { $DB->Query("DELETE FROM b_user_stored_auth WHERE ID=" . $ar["ID"]); } elseif (!$auth_id) { //for domain spreaded external auth we should check only temporary hashes if ($bTempHashOnly == false || $ar["TEMP_HASH"] == "Y") { $remote_net = ip2long($arPolicy["STORE_IP_MASK"]) & ip2long($_SERVER["REMOTE_ADDR"]); $stored_net = ip2long($arPolicy["STORE_IP_MASK"]) & (double) $ar["IP_ADDR"]; if ($sHash == $ar["STORED_HASH"] && $remote_net == $stored_net) { $auth_id = $ar["ID"]; } } } } return $auth_id; }
$arRequestParams = array("USER_CHECKWORD", "USER_PASSWORD", "USER_CONFIRM_PASSWORD"); foreach ($arRequestParams as $param) { $arResult[$param] = strlen($_REQUEST[$param]) > 0 ? $_REQUEST[$param] : ""; $arResult[$param] = htmlspecialcharsbx($arResult[$param]); } if (isset($_GET["USER_LOGIN"])) { $arResult["~LAST_LOGIN"] = CUtil::ConvertToLangCharset($_GET["USER_LOGIN"]); } elseif (isset($_POST["USER_LOGIN"])) { $arResult["~LAST_LOGIN"] = $_POST["USER_LOGIN"]; } else { $arResult["~LAST_LOGIN"] = $_COOKIE[COption::GetOptionString("main", "cookie_name", "BITRIX_SM") . "_LOGIN"]; } $arResult["LAST_LOGIN"] = htmlspecialcharsbx($arResult["~LAST_LOGIN"]); $userId = 0; if ($arResult["~LAST_LOGIN"] != '') { $res = CUser::GetByLogin($arResult["~LAST_LOGIN"]); if ($profile = $res->Fetch()) { $userId = $profile["ID"]; } } $arResult["GROUP_POLICY"] = CUser::GetGroupPolicy($userId); $arResult["SECURE_AUTH"] = false; if (!CMain::IsHTTPS() && COption::GetOptionString('main', 'use_encrypted_auth', 'N') == 'Y') { $sec = new CRsaSecurity(); if ($arKeys = $sec->LoadKeys()) { $sec->SetKeys($arKeys); $sec->AddToForm('bform', array('USER_PASSWORD', 'USER_CONFIRM_PASSWORD')); $arResult["SECURE_AUTH"] = true; } } $this->IncludeComponentTemplate();
public static function DoAutoRegisterUser($autoEmail, $payerName, $siteId, &$arErrors, $arOtherFields = null) { $autoEmail = trim($autoEmail); if (empty($autoEmail)) { return null; } if ($siteId == null) { $siteId = SITE_ID; } $autoName = ""; $autoLastName = ""; if (!is_array($payerName) && strlen($payerName) > 0) { $arNames = explode(" ", $payerName); $autoName = $arNames[1]; $autoLastName = $arNames[0]; $autoSecondName = false; } elseif (is_array($payerName)) { $autoName = $payerName["NAME"]; $autoLastName = $payerName["LAST_NAME"]; $autoSecondName = $payerName["SECOND_NAME"]; } $autoLogin = $autoEmail; $pos = strpos($autoLogin, "@"); if ($pos !== false) { $autoLogin = substr($autoLogin, 0, $pos); } if (strlen($autoLogin) > 47) { $autoLogin = substr($autoLogin, 0, 47); } while (strlen($autoLogin) < 3) { $autoLogin .= "_"; } $idx = 0; $loginTmp = $autoLogin; $dbUserLogin = CUser::GetByLogin($autoLogin); while ($arUserLogin = $dbUserLogin->Fetch()) { $idx++; if ($idx == 10) { $autoLogin = $autoEmail; } elseif ($idx > 10) { $autoLogin = "******" . time() . GetRandomCode(2); break; } else { $autoLogin = $loginTmp . $idx; } $dbUserLogin = CUser::GetByLogin($autoLogin); } $defaultGroup = COption::GetOptionString("main", "new_user_registration_def_group", ""); if ($defaultGroup != "") { $arDefaultGroup = explode(",", $defaultGroup); $arPolicy = CUser::GetGroupPolicy($arDefaultGroup); } else { $arPolicy = CUser::GetGroupPolicy(array()); } $passwordMinLength = intval($arPolicy["PASSWORD_LENGTH"]); if ($passwordMinLength <= 0) { $passwordMinLength = 6; } $passwordChars = array("abcdefghijklnmopqrstuvwxyz", "ABCDEFGHIJKLNMOPQRSTUVWXYZ", "0123456789"); if ($arPolicy["PASSWORD_PUNCTUATION"] === "Y") { $passwordChars[] = ",.<>/?;:'\"[]{}\\|`~!@#\$%^&*()-_+="; } $autoPassword = randString($passwordMinLength + 2, $passwordChars); $arFields = array("LOGIN" => $autoLogin, "NAME" => $autoName, "LAST_NAME" => $autoLastName, "SECOND_NAME" => $autoSecondName, "PASSWORD" => $autoPassword, "PASSWORD_CONFIRM" => $autoPassword, "EMAIL" => $autoEmail, "GROUP_ID" => $arDefaultGroup, "LID" => $siteId); $arFields["ACTIVE"] = isset($arOtherFields["ACTIVE"]) && $arOtherFields["ACTIVE"] == "N" ? "N" : "Y"; if (isset($arOtherFields["ACTIVE"])) { unset($arOtherFields["ACTIVE"]); } if (is_array($arOtherFields)) { foreach ($arOtherFields as $key => $value) { if (!array_key_exists($key, $arFields)) { $arFields[$key] = $value; } } } $user = new CUser(); $userId = $user->Add($arFields); if (intval($userId) <= 0) { $arErrors[] = array("TEXT" => Loc::getMessage("STOF_ERROR_REG") . (strlen($user->LAST_ERROR) > 0 ? ": " . $user->LAST_ERROR : "")); return 0; } return $userId; }
if ($days > 7) { $days = 7; } $cntLog = 0; $rsLog = CEventLog::GetList(array(), array("TIMESTAMP_X_1" => ConvertTimeStamp(time() - $days * 24 * 3600 + CTimeZone::GetOffset(), "FULL"), "AUDIT_TYPE_ID" => "SECURITY_FILTER_SQL|SECURITY_FILTER_XSS|SECURITY_FILTER_XSS2|SECURITY_FILTER_PHP|SECURITY_REDIRECT")); while ($rsLog->Fetch()) { $cntLog++; } $data['std']['ITEMS'][] = array("IS_OK" => true, "KPI_NAME" => GetMessage("SEC_PANEL_FILTER_LOG_NAME", array("#DAYS#" => $days)), "KPI_VALUE" => $cntLog, "KPI_RECOMMENDATION" => $cntLog ? $USER->CanDoOperation('view_event_log') ? '<a href="event_log.php?lang=' . LANGUAGE_ID . '&set_filter=Y&find_type=audit_type_id&find_audit_type[]=SECURITY_FILTER_SQL&find_audit_type[]=SECURITY_FILTER_XSS&find_audit_type[]=SECURITY_FILTER_XSS2&find_audit_type[]=SECURITY_FILTER_PHP&find_audit_type[]=SECURITY_REDIRECT&mod=security">' . GetMessage("SEC_PANEL_FILTER_LOG_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FILTER_LOG_RECOMMENDATION") : ' '); $bStatistic = CModule::IncludeModule('statistic'); if ($bStatistic) { $bActivity = COption::GetOptionString("statistic", "DEFENCE_ON") == "Y"; $data['std']['ITEMS'][] = array("IS_OK" => $bActivity, "KPI_NAME" => GetMessage("SEC_PANEL_ACTIVITY_NAME"), "KPI_VALUE" => $bActivity ? GetMessage("SEC_PANEL_ACTIVITY_VALUE_ON") : GetMessage("SEC_PANEL_ACTIVITY_VALUE_OFF"), "KPI_RECOMMENDATION" => $bActivity ? ' ' : ($USER->CanDoOperation('security_stat_activity_settings_write') ? '<a href="security_stat_activity.php?lang=' . LANGUAGE_ID . '&return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_ACTIVITY_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_ACTIVITY_RECOMMENDATION"))); } $arGroupPolicy = array("parent" => array("SESSION_TIMEOUT" => "", "SESSION_IP_MASK" => "", "MAX_STORE_NUM" => "", "STORE_IP_MASK" => "", "STORE_TIMEOUT" => "", "CHECKWORD_TIMEOUT" => "", "PASSWORD_LENGTH" => "", "PASSWORD_UPPERCASE" => "N", "PASSWORD_LOWERCASE" => "N", "PASSWORD_DIGITS" => "N", "PASSWORD_PUNCTUATION" => "N", "LOGIN_ATTEMPTS" => ""), "low" => array("SESSION_TIMEOUT" => 30, "SESSION_IP_MASK" => "0.0.0.0", "MAX_STORE_NUM" => 20, "STORE_IP_MASK" => "255.0.0.0", "STORE_TIMEOUT" => 60 * 24 * 93, "CHECKWORD_TIMEOUT" => 60 * 24 * 185, "PASSWORD_LENGTH" => 6, "PASSWORD_UPPERCASE" => "N", "PASSWORD_LOWERCASE" => "N", "PASSWORD_DIGITS" => "N", "PASSWORD_PUNCTUATION" => "N", "LOGIN_ATTEMPTS" => 0), "middle" => array("SESSION_TIMEOUT" => 20, "SESSION_IP_MASK" => "255.255.0.0", "MAX_STORE_NUM" => 10, "STORE_IP_MASK" => "255.255.0.0", "STORE_TIMEOUT" => 60 * 24 * 30, "CHECKWORD_TIMEOUT" => 60 * 24 * 1, "PASSWORD_LENGTH" => 8, "PASSWORD_UPPERCASE" => "Y", "PASSWORD_LOWERCASE" => "Y", "PASSWORD_DIGITS" => "Y", "PASSWORD_PUNCTUATION" => "N", "LOGIN_ATTEMPTS" => 0), "high" => array("SESSION_TIMEOUT" => 15, "SESSION_IP_MASK" => "255.255.255.255", "MAX_STORE_NUM" => 1, "STORE_IP_MASK" => "255.255.255.255", "STORE_TIMEOUT" => 60 * 24 * 3, "CHECKWORD_TIMEOUT" => 60, "PASSWORD_LENGTH" => 10, "PASSWORD_UPPERCASE" => "Y", "PASSWORD_LOWERCASE" => "Y", "PASSWORD_DIGITS" => "Y", "PASSWORD_PUNCTUATION" => "Y", "LOGIN_ATTEMPTS" => 3)); $arAdminPolicy = CUser::GetGroupPolicy(1); $level = 'high'; foreach ($arGroupPolicy['parent'] as $key => $value) { $el2_value = $arAdminPolicy[$key]; $el2_checked = $arAdminPolicy[$key] === "Y"; switch ($key) { case "SESSION_TIMEOUT": case "MAX_STORE_NUM": case "STORE_TIMEOUT": case "CHECKWORD_TIMEOUT": if (intval($el2_value) <= intval($arGroupPolicy['high'][$key])) { $clevel = 'high'; } elseif (intval($el2_value) <= intval($arGroupPolicy['middle'][$key])) { $clevel = 'middle'; } else { $clevel = 'low';
$tabControl->Buttons(array( "disabled" => !$editable, "btnSaveAndAdd" => true, "back_url" => "user_admin.php?lang=".LANGUAGE_ID, )); } else { $tabControl->Buttons(array( "disabled" => !$editable, "btnSave" => false, "btnCancel" => false, "btnSaveAndAdd" => true, )); } $tabControl->Show(); $tabControl->ShowWarnings($tabControl->GetName(), $message); ?> <?if(!defined('BX_PUBLIC_MODE') || BX_PUBLIC_MODE != 1):?> <?echo BeginNote();?> <span class="required">1</span> <?$GROUP_POLICY = CUser::GetGroupPolicy($ID);echo $GROUP_POLICY["PASSWORD_REQUIREMENTS"];?><br> <span class="required">2</span> <?echo GetMessage("RATING_BONUS_NOTICE")?><br> <?echo EndNote();?> <?endif;?> <? require_once ($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin.php");
//Add user fields tab only when there is fields defined or user has rights for adding new field if (count($USER_FIELD_MANAGER->GetUserFields($PROPERTY_ID)) > 0 || $USER_FIELD_MANAGER->GetRights($PROPERTY_ID) >= "W") { $tabControl->BeginNextFormTab(); $tabControl->ShowUserFields($PROPERTY_ID, $ID, $strError != '' || !$res); } if ($canViewUserList) { $tabControl->Buttons(array("disabled" => !$editable, "btnSaveAndAdd" => true, "back_url" => "user_admin.php?lang=" . LANGUAGE_ID)); } else { $tabControl->Buttons(array("disabled" => !$editable, "btnSave" => false, "btnCancel" => false, "btnSaveAndAdd" => true)); } $tabControl->Show(); $tabControl->ShowWarnings($tabControl->GetName(), $message); ?> <?php if (!defined('BX_PUBLIC_MODE') || BX_PUBLIC_MODE != 1) { echo BeginNote(); ?> <span class="required">1</span> <?php $GROUP_POLICY = CUser::GetGroupPolicy($ID); echo $GROUP_POLICY["PASSWORD_REQUIREMENTS"]; ?> <br> <span class="required">2</span> <?php echo GetMessage("RATING_BONUS_NOTICE"); ?> <br> <?php echo EndNote(); } require_once $DOCUMENT_ROOT . BX_ROOT . "/modules/main/include/epilog_admin.php";